Your organization wants to reduce costs. Which of the following actions should you take?

1. A. Grant all users admin permissions
2. B. Remove all outside collaborators
3. C. Regularly audit for inactive users
4. D. Disable SAML SSO for members

Correct Answer: C
Regularly auditing for inactive (dormant) users lets you suspend or remove accounts that aren??t consuming seats - freeing up licenses and directly lowering your per?user subscription costs.

When a user becomes a member of multiple GitHub organizations, which THREE of the following are important considerations for administrators? (Choose three.)

1. A. The user will automatically have the same role across all organizations.
2. B. The user's repository access and/or team membership needs to be managed separately for each organization.
3. C. The user will need to authorize credentials separately for each SAML-enabled organization.
4. D. The user will have different permission levels in each organization.
5. E. The user's profile information becomes private to non-organization members.
6. F. The user's personal repositories will become accessible to all organizations.

Correct Answer: BCD
A user's repository access and team memberships are scoped to each organization, so admins must configure permissions separately per org.
When an organization enforces SAML SSO, each member must authorize their personal access tokens or SSH keys for that org, requiring separate approval for each SAML?enabled organization
Roles and permission levels (owner, member, billing manager, repository roles, etc.) are assigned on a per?organization basis, so a user often has different permissions in different organizations.

How does Dependabot determine which security update PRs to open?

1. A. It waits for manual triage of all CVEs.
2. B. It uses the dependency graph and Dependabot alerts to open PRs for patched versions.
3. C. It reads the GitHub Issues and automatically suggests fixes.
4. D. It compares your codebase to the GitHub Trending list.

Correct Answer: B
Dependabot relies on your repository??s enabled Dependency Graph and Dependabot Alerts to identify vulnerable dependencies; it then automatically opens pull requests to update to the patched versions that resolve those alerts.

What will happen if Dependabot discovers a vulnerable transitive dependency in a repository?

1. A. It creates a pull request to update the direct dependency to a version that resolves the vulnerability.
2. B. It opens a pull request to update the affected package directly, regardless of version compatibility.
3. C. It automatically removes the package from the repository.
4. D. It sends an email to the repository owner but does not alter code.

Correct Answer: A
Dependabot will automatically open a pull request that updates the direct dependency to a version which, in turn, resolves (or removes) the vulnerable transitive dependency—ensuring the fix is applied via your declared dependencies.

A GitHub Enterprise administrator is planning to implement SAML SSO across their company. Which of the following correctly distinguishes enterprise-wide SAML SSO from organization-level SAML SSO?

1. A. Enterprise-wide SAML SSO requires less initial administrative overhead than organization-level implementation.
2. B. Enterprise-wide SAML SSO allows different organizations to use different authentication methods.
3. C. Enterprise-wide SAML SSO immediately removes users who fail to authenticate via the IdP.
4. D. Enterprise-wide SAML SSO ensures users authenticate through the same IdP across all organizations.

Correct Answer: D
Enterprise#wide SAML SSO enforces a single IdP across all member organizations—its configuration overrides any per#organization SAML settings, so everyone must authenticate through the same provider.